Apple Intelligence updated its Apple Private Cloud Compute Security Guide on July 7, 2026 to reorganize and expand its presentation of security design principles. The document previously referenced security requirements within a general navigation structure. The updated guide now explicitly names and describes eight core architectural principles, including stateless computation, absence of privileged runtime access, non-targetability, verifiable transparency, hardware root of trust, hardware integrity, software foundations, and software layering. This change makes the security design rationale more structured and accessible to users and security researchers.
The updated security guide provides more detailed documentation of how Apple Private Cloud Compute is designed to protect user data. The expanded guide explicitly describes eight architectural principles, including that PCC is designed to avoid retaining user data after request processing, operates without privileged interfaces that could expose data, and cannot be targeted to specific users. The guide also states that security researchers can independently verify these privacy and security guarantees.
The updated guide provides more explicit documentation of Apple Private Cloud Compute's stated security architecture, including commitments to stateless processing, absence of privileged access, and independent verifiability by security researchers. This expanded transparency allows users and security researchers to better understand the technical design intended to protect data processed through Apple Intelligence.
Added explicit description that PCC is designed to not retain user data once request processing is complete.
Added language stating security researchers can independently verify PCC privacy and security guarantees.
This change record describes what was added, removed, or modified in the document. Analysis reflects what the updated agreement states or permits. It does not constitute a legal determination about enforceability. Applicability may vary by jurisdiction. Methodology
This change represents a documentation expansion rather than a substantive modification to Apple's Private Cloud Compute operational architecture or terms of service. The update adds structured descriptions of existing design principles but does not establish new technical capabilities, alter data processing authority, or modify contractual obligations. For organizations evaluating Apple Intelligence services, this expansion provides clearer visibility into stated security architecture but does not create new compliance obligations.
Full compliance analysis
Obligation analysis, escalation trigger, board language, and recommended action.
Monitor: regulatory citations + obligations. Compliance: full compliance memo.
ConductAtlas provides verified policy intelligence sourced directly from platform documents. All analysis is intended to support, not replace, legal and compliance review. Record CA-C-003520.
See the full side-by-side comparison of every sentence added, removed, and modified.
🔒 Full diff — MonitorConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them t…
ConductAtlas tracked the restructuring, new disclosures, and entity changes that followed the largest privacy fine in EU history.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do…
Get alerted when this policy changes again — including what changed and why it matters.
Prefer a weekly summary instead?
Get the biggest policy changes across 352+ platforms every Sunday.